Skip to content
Back to pull request #167

Bump actions/upload-artifact from 3.1.3 to 4.2.0 #1157

Sign in to view logs

Bump actions/upload-artifact from 3.1.3 to 4.2.0

Bump actions/upload-artifact from 3.1.3 to 4.2.0 #1157

Workflow file for this run

.github/workflows/_build.yml at fb0f6c6
---
name: "Build"
on:
push:
branches:
- '**'
pull_request:
release:
types:
- edited
- published
schedule:
- cron: '0 10 * * *' # everyday at 10am
workflow_dispatch:
permissions:
actions: read
contents: read
jobs:
diagnostics:
name: "Diagnostics"
uses: ./.github/workflows/diagnostics.yml
config:
name: "Config"
uses: ./.github/workflows/_config.yml
metadata:
name: "Metadata"
needs: [config]
uses: ./.github/workflows/docker-metadata.yml
with:
image_name: ${{ needs.config.outputs.image_name }}
lint:
name: "Lint"
uses: ./.github/workflows/common-lint.yml
build-image-for-testing:
name: "Build image for testing"
needs:
- config
- lint
- metadata
uses: ./.github/workflows/docker-build-image.yml
with:
artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
cache_from_scopes: ${{ needs.config.outputs.test_platform }}
cache_to_scope: ${{ needs.config.outputs.test_platform }}
image_archive_name_stem: ${{ needs.config.outputs.test_platform }}
image_labels: ${{ needs.metadata.outputs.image_labels }}
platforms: ${{ needs.config.outputs.test_platform }}
test-image:
name: "Test image"
needs:
- build-image-for-testing
- config
uses: ./.github/workflows/docker-pytest-image.yml
with:
data_artifact_name: ${{ needs.config.outputs.data_artifact_name }}
image_artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
image_archive_name: ${{ needs.build-image-for-testing.outputs.image_archive_name }}
build-each-platform:
name: "Build platform"
needs:
- config
- lint
- metadata
- test-image
if: github.event_name != 'pull_request'
strategy:
matrix:
platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
exclude:
- platform: ${{ needs.config.outputs.test_platform }}
uses: ./.github/workflows/docker-build-image.yml
with:
artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
cache_from_scopes: ${{ matrix.platform }}
cache_to_scope: ${{ matrix.platform }}
image_labels: ${{ needs.metadata.outputs.image_labels }}
image_archive_name_stem: ${{ matrix.platform }}
platforms: ${{ matrix.platform }}
generate-sboms:
name: "Bill of Materials"
needs:
- build-each-platform
- config
permissions:
contents: write
uses: ./.github/workflows/sbom-artifact.yml
with:
image_artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
docker-secrets:
name: "Docker secrets"
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # tag=v2.6.1
with:
egress-policy: block
- name: Check docker.com credentials
run: |
return_code=0
if [ -z "${{ secrets.DOCKER_USERNAME }}" ]; then
echo "::warning::Set the DOCKER_USERNAME secret."
return_code=1
fi
if [ -z "${{ secrets.DOCKER_PASSWORD }}" ]; then
echo "::warning::Set the DOCKER_PASSWORD secret."
return_code=1
fi
exit $return_code
build-multi-arch-image:
name: "Publish image"
needs:
- build-each-platform
- config
- docker-secrets
- metadata
if: github.event_name != 'pull_request'
permissions:
packages: write
uses: ./.github/workflows/docker-multi-arch-push.yml
with:
artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
image_tags: ${{ needs.metadata.outputs.image_tags }}
secrets:
docker_password: ${{ secrets.DOCKER_PASSWORD }}
docker_username: ${{ secrets.DOCKER_USERNAME }}
publish-readme:
name: "Publish docs"
needs:
- build-multi-arch-image
- config
- docker-secrets
- metadata
if: needs.metadata.outputs.latest == 'true'
uses: ./.github/workflows/docker-publish-description.yml
with:
image_name: ${{ needs.config.outputs.image_name }}
secrets:
docker_password: ${{ secrets.DOCKER_PASSWORD }}
docker_username: ${{ secrets.DOCKER_USERNAME }}